This Privacy Policy describes how Ciboli (operating at ciboli.info, aleja Bohaterów Warszawy 21, Szczecin, Poland) collects, uses, stores, and protects personal data. This policy applies to all visitors and users of ciboli.info and is written in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and the Polish Act on Personal Data Protection (Ustawa o ochronie danych osobowych) as amended.
Data Controller
The data controller responsible for your personal data is Ciboli, aleja Bohaterów Warszawy 21, Szczecin, Poland. Contact: [email protected], telephone +48 91 484 07 06. Questions regarding data processing may be directed to this address.
Personal Data We Collect
We collect personal data only when you voluntarily provide it or when it is generated through your use of this website. The categories of data we may process include:
- Contact data: name, email address, telephone number — collected when you submit the contact form
- Communication content: the subject and message body of enquiries you send
- Technical data: IP address, browser type, operating system, referring URL, pages visited, and time of visit — collected automatically through server logs and, where consent is given, through analytics cookies
- Cookie preference data: your consent status for non-essential cookies, stored locally in your browser
We do not collect special categories of personal data (sensitive data) as defined in Article 9 GDPR. We do not collect financial account information, payment card details, or any data relating to minors under the age of 16.
Legal Bases for Processing
We process personal data on the following legal bases under Article 6 GDPR:
- Article 6(1)(a) — Consent: for analytics and non-essential cookies, where you have provided explicit consent via the cookie consent mechanism on this site
- Article 6(1)(b) — Contractual necessity: where processing is necessary to respond to a pre-contractual enquiry you have initiated by submitting the contact form
- Article 6(1)(c) — Legal obligation: where processing is required to comply with applicable Polish or EU law
- Article 6(1)(f) — Legitimate interests: for the processing of server log data necessary to maintain website security and functionality, where such interests are not overridden by your rights
How We Use Your Data
- To respond to enquiries submitted via the contact form
- To maintain and improve the technical operation of ciboli.info
- To analyze aggregate, anonymized website usage patterns where analytics consent is given
- To comply with legal obligations under Polish and EU law
- To protect the security of this website and detect fraudulent or abusive activity
We do not use your personal data for automated decision-making or profiling as described in Article 22 GDPR. We do not sell, rent, or trade personal data to third parties for marketing purposes.
Data Retention
Contact form data (name, email, phone, message) is retained for the period necessary to respond to and resolve the enquiry, and for a reasonable period thereafter in case of follow-up, not exceeding 24 months from the date of last contact. Server log data is retained for a maximum of 12 months. Cookie consent records are retained for the duration of the consent period (12 months). Data subject to a legal retention obligation will be retained for the period required by applicable law.
Data Sharing and Third Parties
We do not share personal data with third parties except in the following circumstances: where required by Polish or EU law or a binding order of a competent authority; where necessary to engage a technical service provider (such as a hosting provider) who processes data solely on our behalf under a data processing agreement compliant with Article 28 GDPR; or with your explicit prior consent. Any third-party processor engaged by Ciboli is contractually bound to process data only on documented instructions and to implement appropriate technical and organizational security measures.
International Transfers
Where personal data is transferred outside the European Economic Area, such transfers will only occur where an adequate level of protection is ensured, either through an adequacy decision by the European Commission, Standard Contractual Clauses adopted pursuant to Article 46(2)(c) GDPR, or another appropriate safeguard recognized under GDPR. We will inform you of any such transfer upon request.
Your Rights
Under GDPR and Polish data protection law, you have the following rights regarding your personal data:
- Right of access (Article 15): to obtain confirmation of whether we process your data and receive a copy
- Right to rectification (Article 16): to request correction of inaccurate data
- Right to erasure (Article 17): to request deletion where the legal basis for processing no longer applies
- Right to restriction (Article 18): to request that processing be limited in certain circumstances
- Right to data portability (Article 20): to receive your data in a structured, machine-readable format where processing is based on consent or contract
- Right to object (Article 21): to object to processing based on legitimate interests
- Right to withdraw consent (Article 7(3)): at any time, without affecting the lawfulness of prior processing
- Right to lodge a complaint: with the Polish supervisory authority, Urząd Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00-193 Warsaw, uodo.gov.pl
To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days as required by Article 12 GDPR. Identity verification may be required before fulfilling a request.
Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, accidental loss, destruction, or damage, in accordance with Article 32 GDPR. These measures include HTTPS encryption for data in transit and access controls limiting data access to authorized personnel only. No method of electronic transmission or storage is completely secure; we cannot guarantee absolute security but we maintain reasonable and current safeguards.
Cookies
This website uses cookies. For full information about the cookies we use, their purpose, and how to manage your preferences, please see our Cookie Policy.
Changes to This Policy
We may update this Privacy Policy from time to time. The date at the top of this page indicates when the policy was last revised. Continued use of ciboli.info after any update constitutes acknowledgment of the revised policy. For material changes, we will take reasonable steps to notify users.